Search UK Finance

You can use the search function to find a range of UK Finance material, from consultation responses to thought leadership to blogs, or to find content on a range of topics from Brexit to commercial finance.

Press

Download agreement

By downloading this document, you understand and agree that any sharing, distribution or republishing of the content, without prior written authorisation from the author or content managers at UK Finance, shall be constituted as a breach of the UK Finance website terms of use.

Data Protection Day – what lies ahead?

Published date:
25.01.2019

In 2018 we saw a lot more interest in data protection and privacy, as well as in the impact of data processing on individuals, society and the economy. Interest was fed by some high-profile scandals, sizable fines for data protection failures and of course the implementation of the GDPR or ‘General Data Protection Regulation’ (you probably remember your inbox being filled by marketing consent emails and confusing explanations all over the internet and media).

While GDPR is now firmly in place, there will still be much of interest in 2019. Here are a few areas to keep an eye on:

Sizeable fines – GDPR significantly increases maximum fines for data protection breaches. We have just seen a €50 million fine issued in France, for example, compared to the maximum fine of £500,000 in the UK prior to GDPR.

Potential internationalisation of GDPR – countries like Argentina, India and New Zealand have bills with GDPR borrowings passing through their respective parliaments. California has already passed a (perhaps hastily constructed) data protection update law and there is interest at federal level in the US as well. Setting a new global standard was one of the goals behind GDPR so it will be interesting to see how broadly its influence goes and how closely different countries will copy GDPR’s details as they update their own lawbooks.

Data portability – BEIS is conducting a smart data review looking at encouraging greater data sharing, among other things. Financial services are already advanced in this area having built Open Banking in 2018, with enhancements ongoing.

We will also see broader interest in how data is used, with some regulatory consultations likely to be on the horizon. The Information Commissioner will no doubt be consulting on and issuing more GDPR guidance. With GDPR becoming BAU, there are also new actors taking a wide-lens interest in questions of how data is used and how it should be used. In the UK we have the newly set up Centre for Data Ethics and Innovation, while the European Commission has set up a High Level Expert Group on AI. Both will consider how to encourage the data and AI sectors while ensuring high ethical standards. Further afield, countries like Singapore and Dubai are similarly publishing thoughts on ethical data use.

Closer to home, in financial services the traditional regulatory authorities are also looking with more interest at data use. The FCA has highlighted firms’ use of customer data – risks and opportunities – as an area of interest for 2019. Similarly, the PSR will presumably issue the outcome of its discussion paper that looked at drawing value out of payments data.

There will be an interesting balancing act to maintain for firms and for regulators as we try to find new, innovative ways to use data – all while respecting privacy and the still-emerging area of data ethics.